Commit 6353e01e authored by Tetiana Chupryna's avatar Tetiana Chupryna Committed by Igor Drozdov

Add MergeRequest to vulnerability

Add possibility to query for auto-fix MR from vulnerability
parent a7362918
......@@ -167,6 +167,8 @@ module Types
description: 'Indicates if the merge request is mergeable'
field :commits_without_merge_commits, Types::CommitType.connection_type, null: true,
calls_gitaly: true, description: 'Merge request commits excluding merge commits'
field :security_auto_fix, GraphQL::BOOLEAN_TYPE, null: true,
description: 'Indicates if the merge request is created by @GitLab-Security-Bot.'
def approved_by
object.approved_by_users
......@@ -229,6 +231,10 @@ module Types
def commits_without_merge_commits
object.recent_commits.without_merge_commits
end
def security_auto_fix
object.author == User.security_bot
end
end
end
......
---
title: Add MergeRequest to VulnerabilityType in GraphQL
merge_request: 50082
author:
type: added
......@@ -13466,6 +13466,11 @@ type MergeRequest implements CurrentUserTodos & Noteable {
full: Boolean = false
): String!
"""
Indicates if the merge request is created by @GitLab-Security-Bot.
"""
securityAutoFix: Boolean
"""
Indicates if the merge request will be rebased
"""
......@@ -25041,6 +25046,11 @@ type Vulnerability implements Noteable {
"""
location: VulnerabilityLocation
"""
Merge request that fixes the vulnerability.
"""
mergeRequest: MergeRequest
"""
All notes on this noteable
"""
......
......@@ -37149,6 +37149,20 @@
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "securityAutoFix",
"description": "Indicates if the merge request is created by @GitLab-Security-Bot.",
"args": [
],
"type": {
"kind": "SCALAR",
"name": "Boolean",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "shouldBeRebased",
"description": "Indicates if the merge request will be rebased",
......@@ -72928,6 +72942,20 @@
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "mergeRequest",
"description": "Merge request that fixes the vulnerability.",
"args": [
],
"type": {
"kind": "OBJECT",
"name": "MergeRequest",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "notes",
"description": "All notes on this noteable",
......@@ -2088,6 +2088,7 @@ Autogenerated return type of MarkAsSpamSnippet.
| `rebaseCommitSha` | String | Rebase commit SHA of the merge request |
| `rebaseInProgress` | Boolean! | Indicates if there is a rebase currently in progress for the merge request |
| `reference` | String! | Internal reference of the merge request. Returned in shortened format by default |
| `securityAutoFix` | Boolean | Indicates if the merge request is created by @GitLab-Security-Bot. |
| `shouldBeRebased` | Boolean! | Indicates if the merge request will be rebased |
| `shouldRemoveSourceBranch` | Boolean | Indicates if the source branch of the merge request will be deleted after merge |
| `sourceBranch` | String! | Source branch of the merge request |
......@@ -3772,6 +3773,7 @@ Represents a vulnerability.
| `identifiers` | VulnerabilityIdentifier! => Array | Identifiers of the vulnerability. |
| `issueLinks` | VulnerabilityIssueLinkConnection! | List of issue links related to the vulnerability |
| `location` | VulnerabilityLocation | Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability |
| `mergeRequest` | MergeRequest | Merge request that fixes the vulnerability. |
| `notes` | NoteConnection! | All notes on this noteable |
| `primaryIdentifier` | VulnerabilityIdentifier | Primary identifier of the vulnerability. |
| `project` | Project | The project on which the vulnerability was found |
......
......@@ -78,6 +78,9 @@ module Types
description: 'Indicates whether there is a solution available for this vulnerability.',
resolver_method: :has_solutions?
field :merge_request, ::Types::MergeRequestType, null: true,
description: 'Merge request that fixes the vulnerability.'
def user_notes_count
::Gitlab::Graphql::Aggregations::Vulnerabilities::LazyUserNotesCountAggregate.new(context, object)
end
......@@ -106,6 +109,10 @@ module Types
Gitlab::Graphql::Loaders::BatchModelLoader.new(Project, object.project_id).find
end
def merge_request
object.finding&.merge_request_feedback&.merge_request
end
def has_solutions?
object.finding&.remediations&.any?
end
......
......@@ -30,6 +30,7 @@ RSpec.describe GitlabSchema.types['Vulnerability'] do
notes
external_issue_links
has_solutions
merge_request
discussions]
end
......
......@@ -29,7 +29,7 @@ RSpec.describe GitlabSchema.types['MergeRequest'] do
total_time_spent reference author merged_at commit_count current_user_todos
conflicts auto_merge_enabled approved_by source_branch_protected
default_merge_commit_message_with_description squash_on_merge available_auto_merge_strategies
has_ci mergeable commits_without_merge_commits
has_ci mergeable commits_without_merge_commits security_auto_fix
]
if Gitlab.ee?
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment